Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Westi on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

trojan.qoologic, ouch.

Status
Not open for further replies.
GlenJohnson

GlenJohnson

MIS
Aug 2, 2001
5,203
US
This one is a killer. Anybody had any luck? I've got Spyware doctor working on it now, tried modifying the registry. I've been working on pc's for decades and this one is a killer. Luckily this is my wifes pc and not a clients, so it's not hurting my reputation to much.
[cannon]

Glen A. Johnson
Johnson Computer Consulting
[americanflag]
Support our Troops!
 
Sort by date Sort by votes
You have a Vundo infection so lets take care of this first.

Please download VundoFix.exe to your desktop.


Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK

When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Cheeers
James
 
Upvote 0 Downvote
vundofix seemed to do the trick, but I had to go back and remove some of the other anti-garbage stuff I had tried. It took out the internet, and I was getting annoyed until I remembered the winsockfix.exe to repair the tcp/ip stack. Ran that while I took a shower and everything seems back to normal. Only problem is when I shut down the internet the desktop icons disapear. Gonna let it run until I see how long they stay gone. Thanks for the help.
[2thumbsup]

Glen A. Johnson
Johnson Computer Consulting
[americanflag]
Support our Troops!

 
Upvote 0 Downvote
Vundo seemed to have only fixed part of the problem. Still have others buried in the registry. Purchased Norton 2008, and I can't install it. Get the error message that the key is invalid. I know it's not. Talked to Norton, and they asked me if there was a virus involved and I told them yes. For $99, they would take over my computer and fix the virus. They already tried this, so I knew it would'n work, the virus wouldn't let them in, so I asked them if this didn't work, would I get my money back? No, there was no money back guarentee. The gentleman asked me if I was ready? I said for what? For you to slap me on the head and call me stupid? I'm gonna try ONCE AGAIN to boot into safe mode and load the new Norton. This thing has got so many virus's I'm at a loss. Anybody have any idea's?

Glen A. Johnson
Johnson Computer Consulting
[americanflag]
Support our Troops!

 
Upvote 0 Downvote
Download hijackthis from the link below. Post the logfile on here.


Also if you can , slave the drive into another machine and run an antivirus such as avg or antivir. I highly disreccomend norton, however that is my opinion.



Also, if you know the virus name or files, you can do a few things. One search the registry for the names of the files, delete the keys and use killbox or unlocker to delete the stubborn files



Also id reccomend using ccleaner to empty out all temp locations.


Also, a good registry cleaner helps remove leftover keys.

If by any chance you use antivir, here is how I reccomend configuring it. (By the way, antivir does not get along with norton and they will conflict if both are on the same machine)

This is to setup antivir after it has been installed.

Right click on the logo in the taskbar(a red square with a white umbrella), then left click configure. Towards the top left, you will see a box beside expert mode. Check this box. Now click the + beside scanner, and now the + beside scan. This will expand them.

Now click on scan itself to where it is highlighted. Now to the right under files, select the circle beside all files. Now click on action for concerning files. To the right, click the circle beside automatic. Now to the right of that, set primary action to repair and secondary action to delete. DO NOT check the box that says "copy file to quarantine before action".

Now click on archives to where it is highlighted. Make sure all boxes on this page are checked, if not check them. Now click on heuristic. To the right under win32 file heuristic, check the box beside "win32 file heurisitic", then click the circle beside medium detection level.

Now click the + beside guard and the + beside scan to expand them. Now click on scan to where it is highlighted. To the right under scan mode, check "scan when reading and writing". To the right of that under files, click the circle beside "all files".

Now click on heuristic to where it is highlighted. Check the box beside win32 file heuristic, and then click the circle beside medium detecion level. Now click ok and antivir is now setup for scanning. I highly reccomend doing a scan now.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Thanks, ElectronicsFreaks, I'll try it on Monday. Tied up all weekend. I'll tell ya, this thing is buried so deep, it's stopped me every step of the way. Thinking about just buying my wife a new computer, fdisking this thing and using it as a backup. One thing I've learned, Norton is not worth blowing you're nose on. Still, I'll try you're suggestion before I give up, I'm always willing to learn. Thanks again. Wish me luck.

Glen A. Johnson
Johnson Computer Consulting
[americanflag]
Support our Troops!

 
Upvote 0 Downvote
Yeah give those a try before formatting. As for norton, yeah I hate that antivirus. Others like it though. Either way ive had better results with avg and antivir. Good luck!!

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Gonna buy wife a new pc. Then I'm gonna f-disk this thing and use it for storage. Can't even update norton on my laptop anymore. Will NEVER use norton again.

Glen A. Johnson
Johnson Computer Consulting
[americanflag]
Support our Troops!

 
Upvote 0 Downvote
Yeah id recommend avg or antivir in the future. Both free and very good.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top